RE: [PHP] Re: Redirection Question (I spoke to soon)

Wed, 23 Jul 2003 18:28:07 -0700 

Thanks Mike.. You've been a GREAT help..

Cheers,
Mun Heng, Ow
H/M Engineering
Western Digital M'sia 
DID : 03-7870 5168


-----Original Message-----
From: Ford, Mike [LSS] [mailto:[EMAIL PROTECTED]
Sent: Wednesday, July 23, 2003 7:01 PM
To: Ow Mun Heng; PHP
Subject: RE: [PHP] Re: Redirection Question (I spoke to soon)


> -----Original Message-----
> From: Ow Mun Heng [mailto:[EMAIL PROTECTED]
> Sent: 23 July 2003 11:37
> 
>       I'm confused..
> 
> <quote>
>  With $_SESSION, there is no need to use the session_register(),
>  session_unregister(), session_is_registered() functions. Session
>  variables are accessible like any other variables. 
> </quote>
> 
>       I'm using
> 
> session_start();
> session_register('username');
> $_SESSION['username'] = $row['username'];
> session_register('user_id');
> $_SESSION['user_id'] = $row['user_id'];
> session_register('access_level');
> $_SESSION['access_level'] = $row['access_level'];
> 
> and checking if user is authenticated using
> 
> if ( session_is_registered('user_id') ) 
>       {
>               return true;
>       }
>       else
>       {       
>               return false;
>       }
> 
> 
> Am I in error? (I'm trying to code using register_globals=off)

Yes.

If you use only the $_SESSION array to set/get the values of your session
variables, you do not need (and, in some versions of PHP, MUST NOT use)
session_register() or any of its friends.

The proper coding for what you are doing above is:

  session_start();
  $_SESSION['username'] = $row['username'];
  $_SESSION['user_id'] = $row['user_id'];
  $_SESSION['access_level'] = $row['access_level'];

and

  if (isset($_SESSION['user_id']) ) 
        {
                return true;
        }
        else
        {       
                return false;
        }

(or even just

    return isset($_SESSION['user_id']);

! ;)

Cheers!

Mike

---------------------------------------------------------------------
Mike Ford,  Electronic Information Services Adviser,
Learning Support Services, Learning & Information Services,
JG125, James Graham Building, Leeds Metropolitan University,
Beckett Park, LEEDS,  LS6 3QS,  United Kingdom
Email: [EMAIL PROTECTED]
Tel: +44 113 283 2600 extn 4730      Fax:  +44 113 283 3211

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to